Restore previous configuration for nameid generation
aliaksander-samuseu opened this issue · 1 comments
aliaksander-samuseu commented
According to @yurem , it was decided to remove elements related to SAML1 nameid generation from /opt/shibboleth-idp/conf/saml-nameid.xml
in 3.1.4. It turned out that by simply removing it from there the whole nameid generation process is sabotaged, inlcuding SAML2 nameids. Apparently, this bean element is referenced from other parts of configuration, which need to be modified in tandem with this file.
It may be better to restore this file to its original state until better solution is found. For this text provided below must be re-added to /opt/gluu/jetty/identity/conf/shibboleth3/idp/saml-nameid.xml.vm
:
<!-- SAML 1 NameIdentifier Generation -->
<util:list id="shibboleth.SAML1NameIdentifierGenerators">
<ref bean="shibboleth.SAML1TransientGenerator" />
<!--
<bean parent="shibboleth.SAML1AttributeSourcedGenerator"
p:format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
p:attributeSourceIds="#{ {'mail'} }" />
-->
</util:list>
yurem commented
Fixed in ac89669
@aliaksander-samuseu can you check the fix?